TNW Sites

Proposed privacy fix for CISPA reintroduced, may protect your personal information from the government

Today Rep. Adam Schiff of California introduced an amendment to CISPA for a second time. The amendment, which requires that personally identifying information be removed with “reasonable efforts” when not pertinent to a threat, has been filed ahead of the House Committee on Rules taking up CISPA later today.

The failure of efforts to require the stripping of personally identifying information from CISPA in committee led to chiding from some in Congress. A group of four House Democrats stated the following, after CISPA left committee on a vote of 18 to 2:

While the Committee did adopt meaningful improvements that are helpful, we are disappointed that the Committee rejected a proposed amendment that would have required private sector entities to make “reasonable efforts” to remove Personally Identifiable Information (PII) unrelated to the cybersecurity threat [in question].

Happily, have another crack at the pinata.

For reference, here is the simply worded, and imminently grokable Schiff amendment:

REMOVAL OF INFORMATION IDENTIFYING SPECIFIC PERSONS. — Each cybersecurity provider or self-protected entity sharing cyber threat information under this paragraph shall, prior to sharing such information, make reasonable efforts (which may make use of automated processes) to remove from such cyber threat information any information that can be used to identify a specific person unrelated to a cyber threat.

Keep in mind that this the same language that failed in committee. Therefore, its chance of passage in the full House isn’t clear. Still, it’s an amendment that should be passed.

The White House has publicly nicked CISPA’s latest form as insufficiently reformed with regards to privacy. The ACLU has made similar complaints, as have privacy advocates and some large technology companies.